Listing of the Claims: 



1 1. (Original) An apparatus comprising: 

2 at least one processor; 

3 a memory coupled to the at least one processor; 

4 a directory service server that accesses a directory that has a plurality of entries, 

5 the plurality of entries including at least one proxy entry that contains security 

6 information for a corresponding protected resource, the directory service server including 

7 authentication and authorization functions that determine whether a selected one of the 

8 plurality of entries may be accessed; 

9 a plurality of protected resources that are not stored or contained v^ithin the 

10 directory; 

1 1 an application residing in the memory and executed by the at least one processor, 

12 the application including a logical mapping that correlates each protected resource with a 

13 corresponding proxy entry, the application determining whether the application is 

14 authorized to access a selected protected resource by invoking the authentication and 

1 5 authorization functions in the directory service server to determine whether the proxy 

16 entry corresponding to the selected resource may be accessed, and if so, the application 

1 7 accesses the selected protected resource. 

1 2. (Original) The apparatus of claim 1 wherein the directory service server is a 

2 Lightweight Directory Access Protocol (LDAP) server, and wherein the directory is an 

3 LDAP directory. 

1 3. (Original) The apparatus of claim 1 wherein the application does not access the 

2 selected protected resource if the proxy entry corresponding to the selected resource 

3 cannot be accessed. 



2 



1 4. (Original) A method for a directory service that contains a proxy entry corresponding 

2 to an external protected resource to provide authentication and authorization functions to 

3 a software application, the method comprising the steps of: 

4 (A) when the software application needs to access the external protected resource, 

5 performing the steps of: 

6 (Al) identifying a proxy entry that corresponds to the external protected 

7 resource; 

8 (A2) the software application requesting from the directory service access 

9 to the proxy entry that corresponds to the extemal protected resource; and 

10 (A3) if the directory service grants access to the proxy entry that 

1 1 corresponds to the extemal protected resource, the application accesses the 

1 2 extemal protected resource. 

1 5. (Original) The method of claim 4 further comprising the step of: 

2 (A4) if the directory service denies access to the proxy entry that 

3 corresponds to the extemal protected resource, the application does not access the 

4 protected resource. 
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1 6. (Original) A method for a directory service to provide authentication and authorization 

2 functions to a software application, the method comprising the steps of: 

3 (A) determining which of a plurality of resources require protection; 

4 (B) creating a proxy entry in the directory service for each protected resource; 

5 (C) generating a logical mapping that correlates each protected resource to its 

6 corresponding proxy entry; 

7 (D) when the software application needs to access a selected protected resource, 

8 performing the steps of: 

9 (Dl) using the logical mapping to identify a proxy entry that corresponds 

10 to the selected protected resource; 

1 1 (D2) the software application requesting from the directory service access 

12 to the identified proxy entry; and 

13 (D3) if the directory service grants access to the identified proxy entry, the 

14 application accesses the selected protected resourceA 

1 7. (Original) The method of claim 6 further comprising the step of: 

2 (D4) if the directory service denies access to the proxy entry that 

3 corresponds to the selected protected resource, the application does not access the 

4 selected protected resource. 
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1 8. (Original) A program product comprising: 

2 (A) a software application that uses a logical mapping that correlates a plurality of 

3 protected resources that are not stored or contained within the directory with 

4 corresponding proxy entries in a directory service that is managed by a directory service 

5 server, the application determining whether the application is authorized to access a 

6 selected protected resource by invoking authentication and authorization functions in the 

7 directory service server to determine whether the proxy entry corresponding to the 

8 selected resource may be accessed, and if so, the apphcation accesses the selected 

9 protected resource; and 

1 0 (B) computer-readable signal bearing media bearing the software application. 

1 9. (Original) The program product of claim 8 wherein the signal bearing media 

2 comprises recordable media. 

1 10. (Original) The program product of claim 8 wherein the signal bearing media 

2 comprises transmission media. 

1 11. (Original) The program product of claim 8 wherein the directory service server is a 

2 Lightweight Directory Access Protocol (LDAP) server, and wherein the directory is an 

3 LDAP directory. 

1 12. (Original) The program product of claim 8 wherein the application does not access 

2 the selected protected resource if the proxy entry corresponding to the selected resource 

3 cannot be accessed. 
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